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This is in response to the appeal brief filed on July 1, 2003. 
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(1) Real Party in Interest 

A statement identifying the real party in interest is contained in the brief. 

(2) Related Appeals and Interferences 

A statement identifying the related appeals and interferences which will directly 
affect or be directly affected by or have a bearing on the decision in the pending appeal 
is contained in the brief. 

(3) Status of Claims 

The statement of the status of the claims contained in the brief is correct. 

(4) Status of Amendments After Final 

No amendment after final has been filed. 

(5) Summary of Invention 

The summary of invention contained in the brief is correct. 

(6) Issues 

The appellant's statement of the issues in the brief is correct. 
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(7) Grouping of Claims 

The rejection of claims 1-26 stand or fall together because appellant's brief does 
not include a statement that this grouping of claims does not stand or fall together and 
reasons in support thereof. See 37 CFR 1.192(c)(7). 

(8) Claims Appealed 

The copy of the appealed claims contained in the Appendix to the brief is correct. 

(9) Prior Art of Record 

5,826,014 Coleyetal 10-1998 

Decasper et al, "Crossbow: A Toolkit for Integrated Services of Cell Switched IPv6#" 

,1997, pg 1-10 

(10) Grounds of Rejection 

The following ground(s) of rejection are applicable to the appealed claims: 
Claims 1,4-8,14, and 17-21 are rejected under 35 U.S.C. 103(a). This rejection 
is set forth in prior Office Action, Paper No. 9. 

(11) Response to Argument 

The Appellant has noted that U.S. Patent 5,835,726 is relied upon for "a user 
generates a rule base which is then converted into a set of filter language instructions"; 
"each rule in the rule base includes"; and "packets are filtered as they flow into and out 
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of the network in accordance with the rules comprising the rule base" as recited in the 
abstract. The Appellant has argued that the examiner's reasoning relying upon 
dictionary terms for rules and filters is incorrect and that they are distinct entities and 
does not mean that a filter is a rule base. The examiner respectfully disagrees, 
dictionary terminology was applied as evidence of well known terms in the art. The 
examiner is relying upon use of dictionary terminology for use of well defined terms. 
The examiner notes that the Appellant's remark on official notice taken by the examiner, 
the appellant has not officially challenged the examiner for use of official notice, nor has 
the Appellant seasonably challenged it. Please see MPEP 2144.03. 

As per the applicant's reference to U.S. Patent 5,835,726, the examiner notes 
that it is presumed that prior U.S. Patents are considered valid and that the inventors 
can be their own lexicographer and the examiner is hereby not going to comment on the 
validity of the reference to U.S. Patent 5,835,726 and finds the citation irrelevant since it 
was not used as a rejection. 

The Appellant argues that Decasper et al fails to recite of storing information in 
an Association Identification Unit pertaining to flow and filter information. It is further 
argued that Decasper et al discloses of storing packets in a stack (page 5, line 2) and 
that the AIU stores filters, not rules. The examiner has provided support for the 
explanation of filters and rules whereby it is disclosed in the Microsoft Computer 
Dictionary that filter is defined as "a pattern or mask through which data is passed to 
weed out specified items" as recited on page 197. Rules is defined in Merriam 
Webster's Collegiate Dictionary as "to exist in a specified state or condition" as recited 
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on page 1024. The examiner has found equivalence between the definitions of the two 
whereby the filtering disclosed in the combination of Decasper et al and Coley et al is a 
specific form of rules. The examiner is interpreting the AIU or database as storage 
means that is well known terminology in the art. The examiner has provided rationale 
that states initializing the AIU (database) is necessary for relationships and data types 
to be defined beforehand so that queries and manipulation of the data can be 
accomplished more efficiency which is accepted practices in the prior art concerning 
databases. 

The Appellant argues that Decasper et al does not includes rules for acceptance 
or rejection and making a determination whether or not a packet should be allowed or 
denied access as the Appellants. The examiner notes that Decasper et al does 
disclose of rules for acceptance of packets, but fails to disclose of rules for rejection 
whereby Coley et al is relied upon for this feature. The Appellant is individually 
attacking the reference instead of the combination that which was applied. In response 
to applicant's arguments against the references individually, one cannot show 
nonobviousness by attacking references individually where the rejections are based on 
combinations of references. See In re Keller, 642 F.2d 413, 208 USPQ 871 (CCPA 
1981); In re Merck & Co., 800 F.2d 1091, 231 USPQ 375 (Fed. Cir. 1986). Decasper et 
al recites of an association identification unit or AIU (database) stores information 
pertaining to a flow of data (connectionless) data packets and additionally stored filter 
information (rules). A received IPv6 (connectionless) packet is associated with an 
identifier (flow tag). If the (connectionless) packet includes an unknown flow, a new flow 
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entry is automatically created (computed) for it which is added to and stored in the AIU 
(database comprising an approved list) and it is allowed to pass (pg 4 & 5). Decasper 
et al only recites of accepting packets. Coley et al discloses of monitoring incoming IP 
(connectionless) packets and to determine the validity of the source address (col. 8, 
lines 1-3 and col. 1 1 , lines 47-48). If the analyzed source address is compared against 
authorized (approved list) and unauthorized (disapproved list) addresses maintained by 
a proxy agent (which is stored in a database) and the comparison includes checking if 
the source is unknown, if it is not on the list, then it is denied (col. 1 1 , lines 22-32). The 
motivation of Coley et al is that problems in the prior art exist when a packet comprises 
an unknown address and because it is not identified, it is allowed to pass (col. 3, lines 
11-14) and this presents a problem because it provides the hacker a means to bypass 
the packet filter (col. 3, lines 21-22). Coley et al utilizes the source address information 
whereby the flow tag information of Decasper et al discloses that the source address is 
included within the flow (pg 4). The examiner has provided references that demonstrate 
of well known aspects concerning packet acceptance and rejection practices that is a 
further verification of industry standards that are implemented for protecting a network 
from receiving unacceptable packets and accepting packets determined to be 
acceptable to a recipient. 

The Appellant has argued that the flow identifier of Decasper et al is only used to 
associate packets in a flow so that they get processed by the same filter, not to allow or 
deny access to further processing and that they do not perform a match for the purpose 
of determining whether or not to grant access to a packet. Decasper et al discloses of 
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an association identification unit or AIU (database) that stores information pertaining to 
a flow of data (connectionless) data packets and additionally stored filter information 
(rules). A received IPv6 (connectionless) packet is associated with an identifier (flow 
tag). If the (connectionless) packet includes an unknown flow, a new flow entry is 
automatically created (computed) for it which is added to and stored in the AIU 
(database comprising an approved list) and it is allowed to pass (pg 4 & 5). The 
examiner again directs that Appellant to the comments recited above concerning 
Decasper et al not disclosing the feature of denying access to a packet whereby the 
combination of Decasper et al and Coley et al recite of this feature. The Appellant has 
disclosed of a flow being a series of packets, each identified by the same source 
address and the same destination address as recited on page 2, lines 7-8. Decasper et 
al discloses of flow being a sequence of data packets where all packets have header 
fields (including source address and destination address) that is equivalent to the 
applicant's interpretation of the claim language. Coley et al discloses of monitoring 
incoming IP (connectionless) packets and to determine the validity of the source 
address (col. 8, lines 1-3 and col. 11, lines 47-48). If the analyzed source address is 
compared against authorized (approved list) and unauthorized (disapproved list) 
addresses maintained by a proxy agent (which is stored in a database) and the 
comparison includes checking if the source is unknown, if it is not on the list, then it is 
denied (col. 1 1 , lines 22-32). The motivation of Coley et al is that problems in the prior 
art exist when a packet comprises an unknown address and because it is not identified, 
it is allowed to pass (col. 3, lines 11-14) and this presents a problem because it provides 
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the hacker a means to bypass the packet filter (col. 3, lines 21-22). Coley et al utilizes 
the source address information whereby the flow tag information of Decasper et al 
discloses that the source address is included within the flow (pg 4). The examiner has 
provided references that demonstrate of well known aspects concerning packet 
acceptance and rejection practices that is a further verification of industry standards that 
are implemented for protecting a network from receiving unacceptable packets and 
accepting packets determined to be acceptable to a recipient. 

The Appellant additionally argues of the examiner's inherency statement 
concerning Decasper et al initializing the AIU or database and that the AIU is a pack of 
filters with the ability to place an identifier on subsequent packets in a flow. The 
examiner is interpreting the AIU or database as storage means that is well known 
terminology in the art. The examiner has provided rationale that states initializing the 
AIU (database) is necessary for relationships and data types to be defined beforehand 
so that queries and manipulation of the data can be accomplished more efficiency which 
is accepted practices in the prior art concerning databases. 

The appellant has argued that Decasper et al makes no suggestion of Decasper 
et al denying access to a packet. The examiner notes that Decasper et al does disclose 
of rules for acceptance of packets, but fails to disclose of rules for rejection whereby 
Coley et al is relied upon for this feature. The Appellant is individually attacking the 
reference instead of the combination that which was applied. In response to applicant's 
arguments against the references individually, one cannot show nonobviousness by 
attacking references individually where the rejections are based on combinations of 
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references. See In re Keller, 642 F.2d 413, 208 USPQ 871 (CCPA 1981); In re Merck & 
Co., 800 F.2d 1091, 231 USPQ 375 (Fed. Cir. 1986). Decasper et al recites of an 
association identification unit or AIU (database) stores information pertaining to a flow of 
data (connectionless) data packets and additionally stored filter information (rules). A 
received IPv6 (connectionless) packet is associated with an identifier (flow tag). If the 
(connectionless) packet includes an unknown flow, a new flow entry is automatically 
created (computed) for it which is added to and stored in the AIU (database comprising 
an approved list) and it is allowed to pass (pg 4 & 5). Decasper et al only recites of 
accepting packets. Coley et al discloses of monitoring incoming IP (connectionless) 
packets and to determine the validity of the source address (col. 8, lines 1-3 and col. 11, 
lines 47-48). If the analyzed source address is compared against authorized (approved 
list) and unauthorized (disapproved list) addresses maintained by a proxy agent (which 
is stored in a database) and the comparison includes checking if the source is unknown, 
if it is not on the list, then it is denied (col. 1 1 , lines 22-32). The motivation of Coley et al 
is that problems in the prior art exist when a packet comprises an unknown address and 
because it is not identified, it is allowed to pass (col. 3, lines 11-14) and this presents a 
problem because it provides the hacker a means to bypass the packet filter (col. 3, lines 
21-22). Coley et al utilizes the source address information whereby the flow tag 
information of Decasper et al discloses that the source address is included within the 
flow (pg 4). The examiner has provided references that demonstrate of well known 
aspects concerning packet acceptance and rejection practices that is a further 
verification of industry standards that are implemented for protecting a network from 
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receiving unacceptable packets and accepting packets determined to be acceptable to 
a recipient. 

It is argued by the Appellant that Coley et al discloses of a disapprove list, but 
that Coley et al requires a series of tests for determining accessibility (Fig. 4A and Fig. 
4B) and further comments that executing a series of tests for each packet is inefficient. 
The Appellant has provided an improvement that initializes a database with approved 
and disapproved flow tags that are used to determine accessibility and additionally 
compute a flow tag, not a flow identifier, for any flow that is not pre-approved or pre- 
disapproved. The examiner respectfully disagrees for it is disclosed by Decasper et al 
that an "Ipv6 packet is associated with a flow by tagging with an identifier for the flow it 
belongs to. If the packet in question belongs to yet an unknown glow, an new flow entry 
is automatically created (page 5, top portion of the page). Based upon the Appellant's 
specification, it is recited of a specific form of flow tag computation from page 13, line 18 
through page 15, line 3. On page 15, lines 14-15 the Appellant recites "So, the present 
invention is not limited to the specific flow tag construction described above." The 
examiner has given the interpretation of a flow tag its broadest possible interpretation as 
being any identifying information associated with a packet that comprises and source 
and destination address whereby the disclosure of Decasper et al meets the Appellant's 
claim limitations. Coley et al is relied upon as a combination with Decasper et al for 
accepting and rejection packets based upon flow tag or identifying information which 
includes source and destination address information, please refer above for further 
explanation concerning the combination of Decasper et al and Coley et al. 
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The Appellant has directed the examiner to page 1 1 , line 14 through page 12, 
line 2 whereby it is disclosed that the Appellant's method only does a computation when 
it is presented with a new flow and not for every packet presented to it. The examiner 
notes that it is not currently claimed by the Appellant of being presented with a new flow 
and not performing a computation for every packet presented to it. 

The Appellants arguments pertaining to claims 6-8 and 19- 21 pertain to the 
examiner's position concerning official notice. As per the Appellant's remark on official 
notice taken by the examiner, the appellant has not officially challenged the examiner 
for use of official notice, nor has the Appellant seasonably challenged it. Please see 
MPEP 2144.03. 

For the above reasons, it is believed that the rejections should be sustained. 
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